Hi all,
the new revision incorporates the outcome of the consensus call on implicit
grant (and the like). It also has more text on Refresh Token expiration and
implementation of Refresh Token replay detection via Refresh Token rotation.
Thanks a lot for all the valuable feedback.
kind regard
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : OAuth 2.0 Security Best Current Practice
Authors : Torsten Lodderstedt
J
